evp_rand.c 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684
  1. /*
  2. * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the Apache License 2.0 (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <openssl/evp.h>
  12. #include <openssl/rand.h>
  13. #include <openssl/core.h>
  14. #include <openssl/core_names.h>
  15. #include <openssl/crypto.h>
  16. #include "internal/cryptlib.h"
  17. #include "internal/numbers.h"
  18. #include "internal/provider.h"
  19. #include "internal/core.h"
  20. #include "crypto/evp.h"
  21. #include "evp_local.h"
  22. struct evp_rand_st {
  23. OSSL_PROVIDER *prov;
  24. int name_id;
  25. char *type_name;
  26. const char *description;
  27. CRYPTO_REF_COUNT refcnt;
  28. CRYPTO_RWLOCK *refcnt_lock;
  29. const OSSL_DISPATCH *dispatch;
  30. OSSL_FUNC_rand_newctx_fn *newctx;
  31. OSSL_FUNC_rand_freectx_fn *freectx;
  32. OSSL_FUNC_rand_instantiate_fn *instantiate;
  33. OSSL_FUNC_rand_uninstantiate_fn *uninstantiate;
  34. OSSL_FUNC_rand_generate_fn *generate;
  35. OSSL_FUNC_rand_reseed_fn *reseed;
  36. OSSL_FUNC_rand_nonce_fn *nonce;
  37. OSSL_FUNC_rand_enable_locking_fn *enable_locking;
  38. OSSL_FUNC_rand_lock_fn *lock;
  39. OSSL_FUNC_rand_unlock_fn *unlock;
  40. OSSL_FUNC_rand_gettable_params_fn *gettable_params;
  41. OSSL_FUNC_rand_gettable_ctx_params_fn *gettable_ctx_params;
  42. OSSL_FUNC_rand_settable_ctx_params_fn *settable_ctx_params;
  43. OSSL_FUNC_rand_get_params_fn *get_params;
  44. OSSL_FUNC_rand_get_ctx_params_fn *get_ctx_params;
  45. OSSL_FUNC_rand_set_ctx_params_fn *set_ctx_params;
  46. OSSL_FUNC_rand_verify_zeroization_fn *verify_zeroization;
  47. } /* EVP_RAND */ ;
  48. static int evp_rand_up_ref(void *vrand)
  49. {
  50. EVP_RAND *rand = (EVP_RAND *)vrand;
  51. int ref = 0;
  52. if (rand != NULL)
  53. return CRYPTO_UP_REF(&rand->refcnt, &ref, rand->refcnt_lock);
  54. return 1;
  55. }
  56. static void evp_rand_free(void *vrand)
  57. {
  58. EVP_RAND *rand = (EVP_RAND *)vrand;
  59. int ref = 0;
  60. if (rand == NULL)
  61. return;
  62. CRYPTO_DOWN_REF(&rand->refcnt, &ref, rand->refcnt_lock);
  63. if (ref > 0)
  64. return;
  65. OPENSSL_free(rand->type_name);
  66. ossl_provider_free(rand->prov);
  67. CRYPTO_THREAD_lock_free(rand->refcnt_lock);
  68. OPENSSL_free(rand);
  69. }
  70. static void *evp_rand_new(void)
  71. {
  72. EVP_RAND *rand = OPENSSL_zalloc(sizeof(*rand));
  73. if (rand == NULL
  74. || (rand->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
  75. OPENSSL_free(rand);
  76. return NULL;
  77. }
  78. rand->refcnt = 1;
  79. return rand;
  80. }
  81. /* Enable locking of the underlying DRBG/RAND if available */
  82. int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
  83. {
  84. if (rand->meth->enable_locking != NULL)
  85. return rand->meth->enable_locking(rand->algctx);
  86. ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
  87. return 0;
  88. }
  89. /* Lock the underlying DRBG/RAND if available */
  90. static int evp_rand_lock(EVP_RAND_CTX *rand)
  91. {
  92. if (rand->meth->lock != NULL)
  93. return rand->meth->lock(rand->algctx);
  94. return 1;
  95. }
  96. /* Unlock the underlying DRBG/RAND if available */
  97. static void evp_rand_unlock(EVP_RAND_CTX *rand)
  98. {
  99. if (rand->meth->unlock != NULL)
  100. rand->meth->unlock(rand->algctx);
  101. }
  102. static void *evp_rand_from_algorithm(int name_id,
  103. const OSSL_ALGORITHM *algodef,
  104. OSSL_PROVIDER *prov)
  105. {
  106. const OSSL_DISPATCH *fns = algodef->implementation;
  107. EVP_RAND *rand = NULL;
  108. int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
  109. #ifdef FIPS_MODULE
  110. int fnzeroizecnt = 0;
  111. #endif
  112. if ((rand = evp_rand_new()) == NULL) {
  113. ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
  114. return NULL;
  115. }
  116. rand->name_id = name_id;
  117. if ((rand->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
  118. evp_rand_free(rand);
  119. return NULL;
  120. }
  121. rand->description = algodef->algorithm_description;
  122. rand->dispatch = fns;
  123. for (; fns->function_id != 0; fns++) {
  124. switch (fns->function_id) {
  125. case OSSL_FUNC_RAND_NEWCTX:
  126. if (rand->newctx != NULL)
  127. break;
  128. rand->newctx = OSSL_FUNC_rand_newctx(fns);
  129. fnctxcnt++;
  130. break;
  131. case OSSL_FUNC_RAND_FREECTX:
  132. if (rand->freectx != NULL)
  133. break;
  134. rand->freectx = OSSL_FUNC_rand_freectx(fns);
  135. fnctxcnt++;
  136. break;
  137. case OSSL_FUNC_RAND_INSTANTIATE:
  138. if (rand->instantiate != NULL)
  139. break;
  140. rand->instantiate = OSSL_FUNC_rand_instantiate(fns);
  141. fnrandcnt++;
  142. break;
  143. case OSSL_FUNC_RAND_UNINSTANTIATE:
  144. if (rand->uninstantiate != NULL)
  145. break;
  146. rand->uninstantiate = OSSL_FUNC_rand_uninstantiate(fns);
  147. fnrandcnt++;
  148. break;
  149. case OSSL_FUNC_RAND_GENERATE:
  150. if (rand->generate != NULL)
  151. break;
  152. rand->generate = OSSL_FUNC_rand_generate(fns);
  153. fnrandcnt++;
  154. break;
  155. case OSSL_FUNC_RAND_RESEED:
  156. if (rand->reseed != NULL)
  157. break;
  158. rand->reseed = OSSL_FUNC_rand_reseed(fns);
  159. break;
  160. case OSSL_FUNC_RAND_NONCE:
  161. if (rand->nonce != NULL)
  162. break;
  163. rand->nonce = OSSL_FUNC_rand_nonce(fns);
  164. break;
  165. case OSSL_FUNC_RAND_ENABLE_LOCKING:
  166. if (rand->enable_locking != NULL)
  167. break;
  168. rand->enable_locking = OSSL_FUNC_rand_enable_locking(fns);
  169. fnenablelockcnt++;
  170. break;
  171. case OSSL_FUNC_RAND_LOCK:
  172. if (rand->lock != NULL)
  173. break;
  174. rand->lock = OSSL_FUNC_rand_lock(fns);
  175. fnlockcnt++;
  176. break;
  177. case OSSL_FUNC_RAND_UNLOCK:
  178. if (rand->unlock != NULL)
  179. break;
  180. rand->unlock = OSSL_FUNC_rand_unlock(fns);
  181. fnlockcnt++;
  182. break;
  183. case OSSL_FUNC_RAND_GETTABLE_PARAMS:
  184. if (rand->gettable_params != NULL)
  185. break;
  186. rand->gettable_params =
  187. OSSL_FUNC_rand_gettable_params(fns);
  188. break;
  189. case OSSL_FUNC_RAND_GETTABLE_CTX_PARAMS:
  190. if (rand->gettable_ctx_params != NULL)
  191. break;
  192. rand->gettable_ctx_params =
  193. OSSL_FUNC_rand_gettable_ctx_params(fns);
  194. break;
  195. case OSSL_FUNC_RAND_SETTABLE_CTX_PARAMS:
  196. if (rand->settable_ctx_params != NULL)
  197. break;
  198. rand->settable_ctx_params =
  199. OSSL_FUNC_rand_settable_ctx_params(fns);
  200. break;
  201. case OSSL_FUNC_RAND_GET_PARAMS:
  202. if (rand->get_params != NULL)
  203. break;
  204. rand->get_params = OSSL_FUNC_rand_get_params(fns);
  205. break;
  206. case OSSL_FUNC_RAND_GET_CTX_PARAMS:
  207. if (rand->get_ctx_params != NULL)
  208. break;
  209. rand->get_ctx_params = OSSL_FUNC_rand_get_ctx_params(fns);
  210. fnctxcnt++;
  211. break;
  212. case OSSL_FUNC_RAND_SET_CTX_PARAMS:
  213. if (rand->set_ctx_params != NULL)
  214. break;
  215. rand->set_ctx_params = OSSL_FUNC_rand_set_ctx_params(fns);
  216. break;
  217. case OSSL_FUNC_RAND_VERIFY_ZEROIZATION:
  218. if (rand->verify_zeroization != NULL)
  219. break;
  220. rand->verify_zeroization = OSSL_FUNC_rand_verify_zeroization(fns);
  221. #ifdef FIPS_MODULE
  222. fnzeroizecnt++;
  223. #endif
  224. break;
  225. }
  226. }
  227. /*
  228. * In order to be a consistent set of functions we must have at least
  229. * a complete set of "rand" functions and a complete set of context
  230. * management functions. In FIPS mode, we also require the zeroization
  231. * verification function.
  232. *
  233. * In addition, if locking can be enabled, we need a complete set of
  234. * locking functions.
  235. */
  236. if (fnrandcnt != 3
  237. || fnctxcnt != 3
  238. || (fnenablelockcnt != 0 && fnenablelockcnt != 1)
  239. || (fnlockcnt != 0 && fnlockcnt != 2)
  240. #ifdef FIPS_MODULE
  241. || fnzeroizecnt != 1
  242. #endif
  243. ) {
  244. evp_rand_free(rand);
  245. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_PROVIDER_FUNCTIONS);
  246. return NULL;
  247. }
  248. if (prov != NULL && !ossl_provider_up_ref(prov)) {
  249. evp_rand_free(rand);
  250. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  251. return NULL;
  252. }
  253. rand->prov = prov;
  254. return rand;
  255. }
  256. EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
  257. const char *properties)
  258. {
  259. return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
  260. evp_rand_from_algorithm, evp_rand_up_ref,
  261. evp_rand_free);
  262. }
  263. int EVP_RAND_up_ref(EVP_RAND *rand)
  264. {
  265. return evp_rand_up_ref(rand);
  266. }
  267. void EVP_RAND_free(EVP_RAND *rand)
  268. {
  269. evp_rand_free(rand);
  270. }
  271. int evp_rand_get_number(const EVP_RAND *rand)
  272. {
  273. return rand->name_id;
  274. }
  275. const char *EVP_RAND_get0_name(const EVP_RAND *rand)
  276. {
  277. return rand->type_name;
  278. }
  279. const char *EVP_RAND_get0_description(const EVP_RAND *rand)
  280. {
  281. return rand->description;
  282. }
  283. int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
  284. {
  285. return rand != NULL && evp_is_a(rand->prov, rand->name_id, NULL, name);
  286. }
  287. const OSSL_PROVIDER *EVP_RAND_get0_provider(const EVP_RAND *rand)
  288. {
  289. return rand->prov;
  290. }
  291. int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[])
  292. {
  293. if (rand->get_params != NULL)
  294. return rand->get_params(params);
  295. return 1;
  296. }
  297. int EVP_RAND_CTX_up_ref(EVP_RAND_CTX *ctx)
  298. {
  299. int ref = 0;
  300. return CRYPTO_UP_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
  301. }
  302. EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
  303. {
  304. EVP_RAND_CTX *ctx;
  305. void *parent_ctx = NULL;
  306. const OSSL_DISPATCH *parent_dispatch = NULL;
  307. if (rand == NULL) {
  308. ERR_raise(ERR_LIB_EVP, EVP_R_INVALID_NULL_ALGORITHM);
  309. return NULL;
  310. }
  311. ctx = OPENSSL_zalloc(sizeof(*ctx));
  312. if (ctx == NULL)
  313. return NULL;
  314. if ((ctx->refcnt_lock = CRYPTO_THREAD_lock_new()) == NULL) {
  315. OPENSSL_free(ctx);
  316. ERR_raise(ERR_LIB_EVP, ERR_R_CRYPTO_LIB);
  317. return NULL;
  318. }
  319. if (parent != NULL) {
  320. if (!EVP_RAND_CTX_up_ref(parent)) {
  321. ERR_raise(ERR_LIB_EVP, ERR_R_INTERNAL_ERROR);
  322. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  323. OPENSSL_free(ctx);
  324. return NULL;
  325. }
  326. parent_ctx = parent->algctx;
  327. parent_dispatch = parent->meth->dispatch;
  328. }
  329. if ((ctx->algctx = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
  330. parent_dispatch)) == NULL
  331. || !EVP_RAND_up_ref(rand)) {
  332. ERR_raise(ERR_LIB_EVP, ERR_R_EVP_LIB);
  333. rand->freectx(ctx->algctx);
  334. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  335. OPENSSL_free(ctx);
  336. EVP_RAND_CTX_free(parent);
  337. return NULL;
  338. }
  339. ctx->meth = rand;
  340. ctx->parent = parent;
  341. ctx->refcnt = 1;
  342. return ctx;
  343. }
  344. void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
  345. {
  346. int ref = 0;
  347. EVP_RAND_CTX *parent;
  348. if (ctx == NULL)
  349. return;
  350. CRYPTO_DOWN_REF(&ctx->refcnt, &ref, ctx->refcnt_lock);
  351. if (ref > 0)
  352. return;
  353. parent = ctx->parent;
  354. ctx->meth->freectx(ctx->algctx);
  355. ctx->algctx = NULL;
  356. EVP_RAND_free(ctx->meth);
  357. CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
  358. OPENSSL_free(ctx);
  359. EVP_RAND_CTX_free(parent);
  360. }
  361. EVP_RAND *EVP_RAND_CTX_get0_rand(EVP_RAND_CTX *ctx)
  362. {
  363. return ctx->meth;
  364. }
  365. static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
  366. OSSL_PARAM params[])
  367. {
  368. return ctx->meth->get_ctx_params(ctx->algctx, params);
  369. }
  370. int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
  371. {
  372. int res;
  373. if (!evp_rand_lock(ctx))
  374. return 0;
  375. res = evp_rand_get_ctx_params_locked(ctx, params);
  376. evp_rand_unlock(ctx);
  377. return res;
  378. }
  379. static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
  380. const OSSL_PARAM params[])
  381. {
  382. if (ctx->meth->set_ctx_params != NULL)
  383. return ctx->meth->set_ctx_params(ctx->algctx, params);
  384. return 1;
  385. }
  386. int EVP_RAND_CTX_set_params(EVP_RAND_CTX *ctx, const OSSL_PARAM params[])
  387. {
  388. int res;
  389. if (!evp_rand_lock(ctx))
  390. return 0;
  391. res = evp_rand_set_ctx_params_locked(ctx, params);
  392. evp_rand_unlock(ctx);
  393. return res;
  394. }
  395. const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand)
  396. {
  397. if (rand->gettable_params == NULL)
  398. return NULL;
  399. return rand->gettable_params(ossl_provider_ctx(EVP_RAND_get0_provider(rand)));
  400. }
  401. const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand)
  402. {
  403. void *provctx;
  404. if (rand->gettable_ctx_params == NULL)
  405. return NULL;
  406. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(rand));
  407. return rand->gettable_ctx_params(NULL, provctx);
  408. }
  409. const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand)
  410. {
  411. void *provctx;
  412. if (rand->settable_ctx_params == NULL)
  413. return NULL;
  414. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(rand));
  415. return rand->settable_ctx_params(NULL, provctx);
  416. }
  417. const OSSL_PARAM *EVP_RAND_CTX_gettable_params(EVP_RAND_CTX *ctx)
  418. {
  419. void *provctx;
  420. if (ctx->meth->gettable_ctx_params == NULL)
  421. return NULL;
  422. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(ctx->meth));
  423. return ctx->meth->gettable_ctx_params(ctx->algctx, provctx);
  424. }
  425. const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx)
  426. {
  427. void *provctx;
  428. if (ctx->meth->settable_ctx_params == NULL)
  429. return NULL;
  430. provctx = ossl_provider_ctx(EVP_RAND_get0_provider(ctx->meth));
  431. return ctx->meth->settable_ctx_params(ctx->algctx, provctx);
  432. }
  433. void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
  434. void (*fn)(EVP_RAND *rand, void *arg),
  435. void *arg)
  436. {
  437. evp_generic_do_all(libctx, OSSL_OP_RAND,
  438. (void (*)(void *, void *))fn, arg,
  439. evp_rand_from_algorithm, evp_rand_up_ref,
  440. evp_rand_free);
  441. }
  442. int EVP_RAND_names_do_all(const EVP_RAND *rand,
  443. void (*fn)(const char *name, void *data),
  444. void *data)
  445. {
  446. if (rand->prov != NULL)
  447. return evp_names_do_all(rand->prov, rand->name_id, fn, data);
  448. return 1;
  449. }
  450. static int evp_rand_instantiate_locked
  451. (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
  452. const unsigned char *pstr, size_t pstr_len, const OSSL_PARAM params[])
  453. {
  454. return ctx->meth->instantiate(ctx->algctx, strength, prediction_resistance,
  455. pstr, pstr_len, params);
  456. }
  457. int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
  458. int prediction_resistance,
  459. const unsigned char *pstr, size_t pstr_len,
  460. const OSSL_PARAM params[])
  461. {
  462. int res;
  463. if (!evp_rand_lock(ctx))
  464. return 0;
  465. res = evp_rand_instantiate_locked(ctx, strength, prediction_resistance,
  466. pstr, pstr_len, params);
  467. evp_rand_unlock(ctx);
  468. return res;
  469. }
  470. static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
  471. {
  472. return ctx->meth->uninstantiate(ctx->algctx);
  473. }
  474. int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
  475. {
  476. int res;
  477. if (!evp_rand_lock(ctx))
  478. return 0;
  479. res = evp_rand_uninstantiate_locked(ctx);
  480. evp_rand_unlock(ctx);
  481. return res;
  482. }
  483. static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  484. size_t outlen, unsigned int strength,
  485. int prediction_resistance,
  486. const unsigned char *addin,
  487. size_t addin_len)
  488. {
  489. size_t chunk, max_request = 0;
  490. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  491. params[0] = OSSL_PARAM_construct_size_t(OSSL_RAND_PARAM_MAX_REQUEST,
  492. &max_request);
  493. if (!evp_rand_get_ctx_params_locked(ctx, params)
  494. || max_request == 0) {
  495. ERR_raise(ERR_LIB_EVP, EVP_R_UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE);
  496. return 0;
  497. }
  498. for (; outlen > 0; outlen -= chunk, out += chunk) {
  499. chunk = outlen > max_request ? max_request : outlen;
  500. if (!ctx->meth->generate(ctx->algctx, out, chunk, strength,
  501. prediction_resistance, addin, addin_len)) {
  502. ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
  503. return 0;
  504. }
  505. /*
  506. * Prediction resistance is only relevant the first time around,
  507. * subsequently, the DRBG has already been properly reseeded.
  508. */
  509. prediction_resistance = 0;
  510. }
  511. return 1;
  512. }
  513. int EVP_RAND_generate(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen,
  514. unsigned int strength, int prediction_resistance,
  515. const unsigned char *addin, size_t addin_len)
  516. {
  517. int res;
  518. if (!evp_rand_lock(ctx))
  519. return 0;
  520. res = evp_rand_generate_locked(ctx, out, outlen, strength,
  521. prediction_resistance, addin, addin_len);
  522. evp_rand_unlock(ctx);
  523. return res;
  524. }
  525. static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
  526. const unsigned char *ent, size_t ent_len,
  527. const unsigned char *addin, size_t addin_len)
  528. {
  529. if (ctx->meth->reseed != NULL)
  530. return ctx->meth->reseed(ctx->algctx, prediction_resistance,
  531. ent, ent_len, addin, addin_len);
  532. return 1;
  533. }
  534. int EVP_RAND_reseed(EVP_RAND_CTX *ctx, int prediction_resistance,
  535. const unsigned char *ent, size_t ent_len,
  536. const unsigned char *addin, size_t addin_len)
  537. {
  538. int res;
  539. if (!evp_rand_lock(ctx))
  540. return 0;
  541. res = evp_rand_reseed_locked(ctx, prediction_resistance,
  542. ent, ent_len, addin, addin_len);
  543. evp_rand_unlock(ctx);
  544. return res;
  545. }
  546. static unsigned int evp_rand_strength_locked(EVP_RAND_CTX *ctx)
  547. {
  548. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  549. unsigned int strength = 0;
  550. params[0] = OSSL_PARAM_construct_uint(OSSL_RAND_PARAM_STRENGTH, &strength);
  551. if (!evp_rand_get_ctx_params_locked(ctx, params))
  552. return 0;
  553. return strength;
  554. }
  555. unsigned int EVP_RAND_get_strength(EVP_RAND_CTX *ctx)
  556. {
  557. unsigned int res;
  558. if (!evp_rand_lock(ctx))
  559. return 0;
  560. res = evp_rand_strength_locked(ctx);
  561. evp_rand_unlock(ctx);
  562. return res;
  563. }
  564. static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
  565. size_t outlen)
  566. {
  567. unsigned int str = evp_rand_strength_locked(ctx);
  568. if (ctx->meth->nonce == NULL)
  569. return 0;
  570. if (ctx->meth->nonce(ctx->algctx, out, str, outlen, outlen))
  571. return 1;
  572. return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
  573. }
  574. int EVP_RAND_nonce(EVP_RAND_CTX *ctx, unsigned char *out, size_t outlen)
  575. {
  576. int res;
  577. if (!evp_rand_lock(ctx))
  578. return 0;
  579. res = evp_rand_nonce_locked(ctx, out, outlen);
  580. evp_rand_unlock(ctx);
  581. return res;
  582. }
  583. int EVP_RAND_get_state(EVP_RAND_CTX *ctx)
  584. {
  585. OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
  586. int state;
  587. params[0] = OSSL_PARAM_construct_int(OSSL_RAND_PARAM_STATE, &state);
  588. if (!EVP_RAND_CTX_get_params(ctx, params))
  589. state = EVP_RAND_STATE_ERROR;
  590. return state;
  591. }
  592. static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
  593. {
  594. if (ctx->meth->verify_zeroization != NULL)
  595. return ctx->meth->verify_zeroization(ctx->algctx);
  596. return 0;
  597. }
  598. int EVP_RAND_verify_zeroization(EVP_RAND_CTX *ctx)
  599. {
  600. int res;
  601. if (!evp_rand_lock(ctx))
  602. return 0;
  603. res = evp_rand_verify_zeroization_locked(ctx);
  604. evp_rand_unlock(ctx);
  605. return res;
  606. }